diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-11-15 23:49:12 +0059 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-11-15 23:49:12 +0059 |
commit | ebb22b579dbcc095411fe907d7be978cab7e05f2 (patch) | |
tree | f43f5e9a9a161be2640a77e4e6f1e9eadc1e60ee | |
parent | 1c5d5675d5813e8e0fda2f73fb999e7f4d4367a8 (diff) | |
download | nixos-ebb22b579dbcc095411fe907d7be978cab7e05f2.tar nixos-ebb22b579dbcc095411fe907d7be978cab7e05f2.tar.gz nixos-ebb22b579dbcc095411fe907d7be978cab7e05f2.tar.bz2 nixos-ebb22b579dbcc095411fe907d7be978cab7e05f2.tar.xz nixos-ebb22b579dbcc095411fe907d7be978cab7e05f2.zip |
vidhar: ...
-rw-r--r-- | hosts/vidhar/default.nix | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index f3c313d0..039101be 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix | |||
@@ -91,11 +91,9 @@ | |||
91 | { from = 60000; to = 61000; } # mosh | 91 | { from = 60000; to = 61000; } # mosh |
92 | ]; | 92 | ]; |
93 | extraCommands = '' | 93 | extraCommands = '' |
94 | set -x | 94 | ip46tables -D FORWARD -j nixos-fw-forward || true |
95 | 95 | ip46tables -F nixos-fw-forward || true | |
96 | ip46tables -D FORWARD -j nixos-fw-forward 2>/dev/null || true | 96 | ip46tables -X nixos-fw-forward || true |
97 | ip46tables -F nixos-fw-forward 2> /dev/null || true | ||
98 | ip46tables -X nixos-fw-forward 2> /dev/null || true | ||
99 | 97 | ||
100 | ip46tables -N nixos-fw-forward | 98 | ip46tables -N nixos-fw-forward |
101 | ip46tables -A nixos-fw-forward -i eno1 -j ACCEPT | 99 | ip46tables -A nixos-fw-forward -i eno1 -j ACCEPT |
@@ -108,9 +106,9 @@ | |||
108 | ip46tables -A FORWARD -j nixos-fw-forward | 106 | ip46tables -A FORWARD -j nixos-fw-forward |
109 | 107 | ||
110 | 108 | ||
111 | ip46tables -t nat -D POSTROUTING -j nixos-fw-postrouting-nat 2>/dev/null || true | 109 | ip46tables -t nat -D POSTROUTING -j nixos-fw-postrouting-nat || true |
112 | ip46tables -t nat -F nixos-fw-postrouting-nat 2>/dev/null || true | 110 | ip46tables -t nat -F nixos-fw-postrouting-nat || true |
113 | ip46tables -t nat -X nixos-fw-postrouting-nat 2>/dev/null || true | 111 | ip46tables -t nat -X nixos-fw-postrouting-nat || true |
114 | 112 | ||
115 | ip46tables -t nat -N nixos-fw-postrouting-nat | 113 | ip46tables -t nat -N nixos-fw-postrouting-nat |
116 | iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE | 114 | iptables -t nat -A nixos-fw-postrouting-nat -o dsl -j MASQUERADE |
@@ -118,9 +116,9 @@ | |||
118 | ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat | 116 | ip46tables -t nat -A POSTROUTING -j nixos-fw-postrouting-nat |
119 | 117 | ||
120 | 118 | ||
121 | ip46tables -t mangle -D POSTROUTING -j nixos-fw-postrouting-mangle 2>/dev/null || true | 119 | ip46tables -t mangle -D POSTROUTING -j nixos-fw-postrouting-mangle || true |
122 | ip46tables -t mangle -F nixos-fw-postrouting-mangle 2>/dev/null || true | 120 | ip46tables -t mangle -F nixos-fw-postrouting-mangle || true |
123 | ip46tables -t mangle -X nixos-fw-postrouting-mangle 2>/dev/null || true | 121 | ip46tables -t mangle -X nixos-fw-postrouting-mangle || true |
124 | 122 | ||
125 | ip46tables -t mangle -N nixos-fw-postrouting-mangle | 123 | ip46tables -t mangle -N nixos-fw-postrouting-mangle |
126 | ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu | 124 | ip46tables -t mangle -A nixos-fw-postrouting-mangle -o dsl -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu |